2d1375707600c5c319997bd15002113d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2d1375707600c5c319997bd15002113d_JaffaCakes118
Size

214KB
MD5

2d1375707600c5c319997bd15002113d
SHA1

0f2019dee5ccbc4964127427cfb7418b62af24e5
SHA256

11fce7e184b64a2aa949803a2aedb4d02567bf9e7e95c278d8a73fee3216185f
SHA512

56c0339ae6d112df3ab533d140049273a7dac9ebc551e16ec2b5cd2f4f37e99c56c1ac4400842e0fc808a00970fc3ed31aca1e4352fdd39ee297a8091392cdde
SSDEEP

3072:QILAZsusZwmKIz5KFTqE7iYetIcprmwrcyzOlWLXTdT4LF/5YgTO:aDFSz5K1qIidvrmAcjWLjtUF/5B6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d1375707600c5c319997bd15002113d_JaffaCakes118

Files

2d1375707600c5c319997bd15002113d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

037a85f65b2dc652616127c1fa74edf0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetCommandLineA
GetVersionExA
GetTimeFormatA
HeapReAlloc
WriteFile
lstrlenW
GetModuleHandleA
WriteConsoleA
GetSystemTimeAsFileTime
GlobalLock
FindResourceA
WideCharToMultiByte
ReadFile
DeleteFileA
LeaveCriticalSection
OpenEventA
SetEnvironmentVariableA
TlsGetValue
TerminateProcess
lstrcpyA
DuplicateHandle
IsBadStringPtrA
GetCPInfo
GetNumberFormatA
GetThreadContext
RaiseException
GetOEMCP
OpenProcess
FindClose
DeleteCriticalSection
GetACP
IsValidCodePage
GetDriveTypeA
GetSystemInfo
FlushFileBuffers
QueryPerformanceCounter
GetCurrentThreadId
GetComputerNameW
GetCurrentDirectoryA
GetModuleHandleW
GetDateFormatA
LocalFree
CreateFileMappingA
FindFirstFileA
UnhandledExceptionFilter
GetEnvironmentStrings
GetCurrentProcess
CreateProcessA
FreeEnvironmentStringsA
GetStartupInfoA
SetEvent
GetProcessHeap
GetTickCount
HeapFree
Module32First
SetPriorityClass
SetLastError
GetConsoleCP
ExpandEnvironmentStringsA
GetSystemDirectoryA
CreateEventA
SetStdHandle
GetStringTypeW
GlobalAddAtomA
GlobalMemoryStatus
Sleep
lstrcpynA
FormatMessageA
TlsFree
SetProcessWorkingSetSize
InterlockedIncrement
LCMapStringA
CreateThread
QueryPerformanceFrequency
SetEndOfFile
TlsSetValue
GlobalUnlock
MulDiv
FileTimeToLocalFileTime
VirtualFree
ExitThread
GetFileAttributesA
HeapCreate
TlsAlloc
WaitForSingleObject
lstrlenA
GetProcessWorkingSetSize
VirtualAlloc
GetStdHandle
GetFileType
FileTimeToSystemTime
lstrcmpA
CreateToolhelp32Snapshot
InterlockedExchange
GetVersion
ResumeThread
GlobalReAlloc
ExitProcess
IsBadReadPtr
FreeEnvironmentStringsW
LoadResource
GetModuleFileNameA
GetFileTime
ResetEvent

user32

IsIconic
GetMessageA
DialogBoxParamA
PeekMessageA
FillRect
DispatchMessageA
RedrawWindow
KillTimer
SetWindowPlacement
EndDialog
TrackPopupMenuEx
CheckMenuRadioItem
DeferWindowPos
EnumWindows
SetScrollInfo
CheckRadioButton
BeginDeferWindowPos
GetClassLongA
GetWindowThreadProcessId
GetUserObjectSecurity
WindowFromPoint
ScreenToClient
RegisterClassA
DestroyIcon
InvalidateRgn
IsDlgButtonChecked
DrawTextA
IsZoomed
GetWindowLongA
GetMenuItemCount
CloseClipboard
IsWindowVisible
ShowWindowAsync
ChildWindowFromPoint
GetScrollInfo
GetUpdateRgn
GetKeyState
MessageBoxA
SetMenuItemInfoA
DefDlgProcA
GetDC
DrawEdge
LoadStringA
PtInRect
AppendMenuA
PostMessageA
RegisterWindowMessageA
SetFocus
DefWindowProcA
GetSubMenu
DeleteMenu
CreateDialogParamA
BeginPaint
GetMenuItemID
CreateIconIndirect
CallWindowProcA
GetDoubleClickTime
GetMenu
GetDlgItemTextA
GetWindowPlacement
ReleaseDC
ScrollWindowEx
SystemParametersInfoA
SetTimer
ClientToScreen
SendMessageTimeoutA
EnableMenuItem
FindWindowExA
DialogBoxIndirectParamA
SetDlgItemTextA
GetCapture
SetClipboardData
FindWindowA
GetDlgItem
EmptyClipboard
DefFrameProcA
GetSysColorBrush
DrawFrameControl
IntersectRect
InvalidateRect
SetWindowLongA
CreateWindowExA
InsertMenuA
DefMDIChildProcA
GetCursorPos
DrawMenuBar
IsDialogMessageA
GetClientRect
SetPropA
GetDlgCtrlID
SetWindowTextA
LoadIconA
PostQuitMessage

msvcrt

memcpy
_adjust_fdiv
_except_handler3
_controlfp
__p__fmode
__p__commode
_XcptFilter
_exit
__getmainargs
__setusermatherr
__set_app_type
_initterm
_acmdln
exit

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

037a85f65b2dc652616127c1fa74edf0

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 187KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 187KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 164B